← CarreiraAI
Indeed
Presencial

Principal - Secure Procurement Leader

GE Vernova · College Park, GA · Brasil

Publicada em 04/06/2026

Candidatar-se com o CarreiraAI →
Job Description SummaryGE Vernova is seeking an experienced Secure Procurement Leader to own and operate the enterprise Secure Procurement Program within the Product Cybersecurity organization. This senior role ensures that all third-party hardware, software, firmware, and services integrated into GE Vernova commercial products meet security requirements aligned with ISA/IEC 62443 supply chain standards.In this high-visibility, cross-functional role, you will define supplier cybersecurity requirements, lead third-party assessments and audits, embed security obligations into procurement contracts, and drive SBOM adoption across the supplier base. You will partner with product engineering, sourcing, legal, and Vulnerability Operations teams to strengthen supply chain security and protect GE Vernova customers and critical energy infrastructure.Job DescriptionIn This Role, You WillOwn and manage GE Vernova's Secure Procurement Program end-to-end.Develop supplier security requirements, policies, and contractual cybersecurity obligations aligned with ISA/IEC 62443-2-4 and 62443-2-1.Conduct supplier cybersecurity assessments and audits, including questionnaires, remote reviews, and on-site evaluations.Track supplier cybersecurity risks, remediation actions, and compliance status.Embed cybersecurity requirements into RFPs, contracts, and supplier qualification processes.Maintain a cybersecurity-focused Approved Supplier List and reassessment process.Drive SBOM adoption and manage open-source software risk.Coordinate vulnerability response for supplier-provided components in the field.Deliver supplier risk reporting and executive metrics.Monitor supply chain threats and relevant regulations.Represent GE Vernova in industry forums and standards groups.Mentor team members on secure procurement and IEC 62443 practices.RequiredBachelor's degree or equivalent experience.8+ years of experience in cybersecurity, supply chain security, product security, or third-party risk managemen
Candidatar-se com o CarreiraAI →